Advertisement

Advertisement

Cellphone network flaw is a gift to hackers

By Jacob Aron

A vulnerability in old cellphone networks could allow hackers to intercept your smartphone browsing, say two security analysts.

David Pérez and José Picó of the Spanish internet security company Taddong have devised a way to hijack a mobile phone’s data communications, giving them access to any information passing in or out of the phone. They can even intercept requests for a website and replace the legitimate site with their own. Laptops and other devices using mobile internet are also vulnerable to attack, they say.

The pair detailed their attack at the Black Hat DC hacking conference in Arlington, Virginia, last week. It works by forcing the phone to connect to a fake mobile base station instead of one operated by a network provider. It’s surprisingly easy to do – although mobiles need to authenticate themselves when connecting, base stations don’t return the favour.

Back to 2G

This lack of security is based on the past assumption that base station technology is too expensive for the average hacker, but the pair’s hack uses hardware costing less than &dollar;10,000. While it isn’t possible to spoof modern 3G networks in this way, the vulnerability remains in the older 2G systems like Edge or GPRS.

Advertisement

The researchers take advantage of this by jamming 3G signals in the area, forcing phones to switch to 2G. “99.9 per cent of the mobile devices that are 3G-capable will fall back to 2G service if 3G is not available,” explains Perez.

Once the phone is connected to the spoof network, the attacker can route all data traffic through their own computer. Pérez and Picó say this allows the hacker to monitor browsing and also to mount phishing attacks by replacing legitimate online banking websites with their own versions. In the latter case the victim’s browser will warn them that the site is not secure, but users often ignore these messages.

Laptops using mobile internet are even more vulnerable, as the attack can give access to software with known vulnerabilities, allowing the attacker to take full control of the computer.

No fix

Perez says that this flaw in 2G networks cannot easily be fixed by network providers, leaving it up to users to protect themselves by encrypting the connection or using only 3G. “If your device gives you the option, configure it to accept only 3G and reject 2G,” he recommends – but many popular devices like the iPhone don’t give this option, and blocking 2G is likely to leave you with spotty network coverage in any case.

Ning Zhang, a researcher in communication and computer networks at the University of Manchester, UK, agrees that users should protect themselves from this kind of attack with encryption. “This ensures that in the event that traffic is intercepted, the attacker cannot read it,” she says. “Especially when nowadays many people use their mobile devices for financial transactions and paying bills.”